Jetpack 3.9.2: Maintenance and Security Release

Jetpack 3.9.2 is now available for download. We’ve added two security updates as well as several bug fixes and enhancements. We recommend that you update your sites to the latest version as soon as possible.

Security updates

Beautiful Math: there was a potential XSS vulnerability when parsing LaTeX markup within HTML elements. The issue was discovered and fixed by our security team.

Contact Form: private site credentials could be saved in plain text in WordPress’ postmeta table when said credentials were set to be stored in Environment variables. The issue was discovered by Oliver Liu.

Other minor fixes

This release also includes other bug fixes:

Nova Menus: fixed notices as well as issues when adding menu items in bulk.

Publicize: Authors can now access their Publicize settings again.

Publicize: fixed problems for Australian and Canadian English sites using Publicize to send their posts to Facebook.

Embeds: it is now possible to embed Instagram posts using a www in the URL.

Widget Visibility: fixed an issue appearing when a page title matched an existing page ID.

Staging Mode

Do you use a backup / cloning plugin to clone your production site to a staging environment? Starting with Jetpack 3.9.2, you can use a constant or a filter to flag a site as “Staging site”, thus avoid conflicts and synchronization issues with Jetpack.

The widget doesn’t include such an option, but you can use the jetpack_widget_get_top_posts filter to exclude some posts from the widget. You could use the filter to exclude all posts belonging to specific categories, for example.

Could you try to deactivate and delete the Jetpack plugin from your site, and then install Jetpack 3.9.2 from scratch?

If you still get a 500 error when doing so, we’ll need to look at your error logs to find out more about the problem. Could you then ask your hosting provider to take a look at your logs, and send us an email with what they found?https://jetpack.me/contact-support/

This is the exact steps I followed (if it can help others) :
1 — I deactivated 3.9.1 (forgot to mention this in my former reply) in the Extensions panel in Dashboard
2 — I deleted 3.9.1 folder (I did this through Extension panel in Dashboard too)
3 — I reinstalled 3.9.2 from scratch (I uploaded a brand new folder by ftp)
4 — Then I activated it from the Extensions panel in Dashboard